<?php
require_once 'config.php';

if (isset($_GET['user']) && isset($_GET['code'])) {
    $username = trim($_GET['user']);
    $verification_code = trim($_GET['code']);
    
    $stmt = $conn->prepare("SELECT id, registration_time FROM users WHERE username = ? AND verification_code = ? AND is_verified = 0");
    $stmt->bind_param("ss", $username, $verification_code);
    $stmt->execute();
    $stmt->store_result();
    
    if ($stmt->num_rows > 0) {
        $stmt->bind_result($user_id, $registration_time);
        $stmt->fetch();
        
        $current_time = time();
        $registration_timestamp = strtotime($registration_time);
        $time_diff = $current_time - $registration_timestamp;
        
        if ($time_diff <= ACTIVATION_EXPIRY) {
            // 激活用户
            $update_stmt = $conn->prepare("UPDATE users SET is_verified = 1 WHERE id = ?");
            $update_stmt->bind_param("i", $user_id);
            
            if ($update_stmt->execute()) {
                $message = "账户激活成功！您现在可以登录了。";
            } else {
                $message = "激活失败，请稍后再试。";
            }
            $update_stmt->close();
        } else {
            $delete_stmt = $conn->prepare("DELETE FROM users WHERE id = ?");
            $delete_stmt->bind_param("i", $user_id);
            $delete_stmt->execute();
            $delete_stmt->close();
            
            $message = "激活链接已过期。请重新注册。";
        }
    } else {
        $message = "无效的激活链接或账户已激活。";
    }
    $stmt->close();
} else {
    $message = "无效的请求。";
}
?>

<!DOCTYPE html>
<html>
<head>
    <title>账户激活</title>
    <style>
        body { font-family: Arial, sans-serif; max-width: 500px; margin: 0 auto; padding: 20px; }
    </style>
</head>
<body>
    <h2>账户激活</h2>
    <p><?php echo htmlspecialchars($message); ?></p>
    <p><a href="register.php">返回注册页面</a></p>
</body>
</html>